II. AMENDMENTS TO THE CLAIMS 

The following listing of claims replaces all prior versions, and listings, of claims in the 
application: 

1 . (Currently Amended) A system for providing security for an Internet server, comprising: 

a logical security system for processing login and password data received from a client 
device during a server session with the Internet server in order to authenticate a user; [and] 

a physical security system for processing Internet protocol (IP) address information of the 
client device at the Internet server in order to authenticate the client device for the duration of the 
server session ; and 

a memory system for storing, at the Internet server, a list of each logged in user and a 
reference IP address collected during a login procedure . 

2. (Cancelled). 

3. (Original) The system of claim 2, wherein the physical security system compares the IP 
address of a received message with the reference IP address for the user. 

4. (Original) The system of claim 3, wherein the physical security system terminates the session 
for the user if the IP address obtained from the received message does not match the reference IP 
address for the logged in user. 
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5. (Original) The system of claim 4, wherein the physical security system deletes all instances of 
the logged in user from the stored list if the IP address obtained from the received message does 
not match the reference IP address for the logged in user. 

6. (Original) The system of claim 2, wherein the physical security system includes a proxy 
server module for comparing a portion of an IP address obtained from a received message 
against a like portion of the reference IP address for the logged in user. 

7. (Currently Amended) A method of authenticating a user accessing an Internet server, 
comprising: 

storing in a memory system , at the Internet server, a reference Internet protocol (IP) 
address and associated login data whenever a new server session is initiated on the Internet 
server from a client device; 

receiving a message from a requesting user at the Internet server; 

obtaining login data accompanying the message; 

obtaining an IP address from a message header in the message; 

determining if the login data of the requesting user is currently listed in the memory 
system as an existing session with the Internet server; and 

if the login data of the requesting user is currently listed, determining at the Internet 
server if the IP address from the received message matches the reference IP address associated 
with the login data of the requesting user. 
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8. (Original) The method of claim 7, comprising the further step of initiating a login procedure if 
the login data of the requesting user is not currently listed in the memory system. 

9. (Original) The method of claim 7, comprising the further step of terminating all server 
sessions listed in the memory system having the login data of the requesting user if the IP 
address from the obtained message does not match the reference IP address. 

10. (Original) The method of claim 7, wherein the step of determining if the IP address from the 
received message matches the reference IP address associated with the login data of the 
requesting user includes the steps of: 

examining a portion of the IP address of the requesting user; and 
determining if the portion matches a like portion of the reference IP address. 

1 1 . (Currently Amended) A program product stored on a recordable medium for providing 
security for an Internet server, the program product comprising: 

means for processing logical security information received from a client device during a 
server session in order to authenticate a user; [and] 

means for processing Internet protocol (IP) address information of the client device in 
order to authenticate the client device during the server session by comparing the IP address of a 
received message against the list of IP addresses stored by the server ; and 

means for storing, at the Internet server, a list of each logged in user and a respective 
reference IP address collected during a login procedure . 
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12. (Cancelled). 



13. (Original) The program product of claim 12, wherein the means for processing IP address 
information compares a login name and IP address of a received message against the list of 
logged in users and their respective reference IP addresses. 

14. (Original) The program product of claim 13, wherein the means for processing IP address 
information terminates the session for the user if the IP address obtained from the received 
message does not match the reference IP address for the logged in user stored in the list. 

15. (Original) The program product of claim 14, wherein the means for processing IP address 
information deletes all instances of the logged in user from the stored list if the IP address 
obtained from the received message does not match the respective reference IP address for the 
logged in user. 

16. (Original) The program product of claim 12, wherein the wherein the means for processing 
IP address information includes a proxy server module for comparing a portion of an IP address 
obtained from a received message against a like portion of the reference IP address for the 
logged in user. 
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